
How new and old security threats keep persisting
Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working, according to Cymulate. Security …

Leveraging AI and automation for enhanced cloud communication security
In this Help Net Security interview, Sanjay Macwan, CIO and CISO at Vonage, addresses emerging threats to cloud communications and the role of AI and automation in …

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA)
MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation …

New infosec products of the week: March 8, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Check Point, Delinea, Pentera, and Sentra. Delinea Privilege Control for Servers …

VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation
VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could …

Web-based PLC malware: A new potential threat to critical infrastructure
A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced …

Today’s biggest AI security challenges
98% of companies surveyed view some of their AI models as vital for business success, and 77% have experienced breaches in their AI systems over the past year, according to …

Tazama: Open-source real-time fraud management
Tazama is an open-source platform focused on improving fraud management within digital payment systems. Tazama marks a substantial transformation in the approach to financial …

78% of MSPs identify cybersecurity as prime IT challenge
Cybersecurity remained a top priority and an area of growth for MSPs, with 73% saying it’s a top revenue driver for their business, according to Kaseya. Ongoing …

A cybercriminal is sentenced, will it make a difference?
The darknet is home to many underground hacking forums in which cybercriminals convene, freely sharing stories, tactics, success stories and failures. Their unguarded …

Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild. CVE-2024-23225 and CVE-2024-23296 On Tuesday, Apple …

5 ways to keep API integrations secure
API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware